Fortinet Forticlient vulnerabilities

CVE-2022-43946 [HIGH] CWE-732 CVE-2022-43946: Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732 Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in Fortinet FortiClientWindows before 7.0.7 allows attackers on the same file sharing network to execute commands via writing data into a windows pipe.

CVE-2022-40682 [HIGH] CWE-863 CVE-2022-40682: A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6. A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.

CVE-2022-42470 [HIGH] CWE-23 CVE-2022-42470: A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4 A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe.

CVE-2023-22635 [HIGH] CWE-494 CVE-2023-22635: A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 t A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate their privileges via modifying the installer upon upgr

CVE-2022-33878 [MEDIUM] CWE-200 CVE-2022-33878: An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiClient An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal.

CVE-2022-26122 [MEDIUM] CWE-345 Evasion by manipulating MIME attachment FG-IR-22-074: Evasion by manipulating MIME attachment An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64. CVEs: CVE-2022-26122 CWEs: CWE-345 CVSS: 4.7 (medium) Affected products: F

CVE-2022-26113 [HIGH] CWE-269 CVE-2022-26113: An execution with unnecessary privileges vulnerability [CWE-250] in FortiClientWindows 7.0.0 through An execution with unnecessary privileges vulnerability [CWE-250] in FortiClientWindows 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0.0 through 6.0.10 may allow a local attacker to perform an arbitrary file write on the system.

CVE-2021-41031 [HIGH] CWE-22 CVE-2021-41031: A relative path traversal vulnerability [CWE-23] in FortiClient for Windows versions 7.0.2 and prior A relative path traversal vulnerability [CWE-23] in FortiClient for Windows versions 7.0.2 and prior, 6.4.6 and prior and 6.2.9 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for FortiESNAC service.

CVE-2021-44167 [HIGH] CWE-732 CVE-2021-44167: An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links.

CVE-2021-43066 [HIGH] CWE-668 CVE-2021-43066: A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, vers A external control of file name or path in Fortinet FortiClientWindows version 7.0.2 and below, version 6.4.6 and below, version 6.2.9 and below, version 6.0.10 and below allows attacker to escalate privilege via the MSI installer.

CVE-2021-22127 [HIGH] CWE-78 CVE-2021-22127: An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute arbitrary code on the host operating system as root via tricking the user into connecting to a network with a malicious name.

CVE-2021-44169 [HIGH] CWE-665 CVE-2021-44169: A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory.

CVE-2021-43205 [MEDIUM] CWE-200 CVE-2021-43205: An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries.

CVE-2021-41028 [HIGH] CWE-295 CVE-2021-41028: A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS 7.0 A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability [CWE-297] in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an unauthenticated and network adjacent attacker to perfor

CVE-2021-36167 [MEDIUM] CVE-2021-36167: An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6 an An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6 and below and 6.2.8 and below may allow an unauthenticated attacker to bypass the webfilter control via modifying the session-id paramater.

CVE-2021-43204 [MEDIUM] CVE-2021-43204: A improper control of a resource through its lifetime in Fortinet FortiClientWindows version 6.4.1 a A improper control of a resource through its lifetime in Fortinet FortiClientWindows version 6.4.1 and 6.4.0, version 6.2.9 and below, version 6.0.10 and below allows attacker to cause a complete denial of service of its components via changes of directory access permissions.

CVE-2021-41030 [MEDIUM] CWE-294 An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4... FG-IR-21-192: An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4... An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user by i

CVE-2021-32592 [HIGH] CWE-427 CVE-2021-32592: An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and F An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path.

CVE-2021-36183 [HIGH] CVE-2021-36183: An improper authorization vulnerability [CWE-285] in FortiClient for Windows versions 7.0.1 and belo An improper authorization vulnerability [CWE-285] in FortiClient for Windows versions 7.0.1 and below and 6.4.2 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for Forticlient updates.

CVE-2021-42754 [MEDIUM] CWE-94 CVE-2021-42754: An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0.0 An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated attacker to hijack the MacOS camera without the user permission via the malicious dylib file.